[FFmpeg-devel] [PATCH 1/2] MAINTAINERS: Add ED25519 key for tag/commit signing experiment

James Almer jamrial at gmail.com
Mon Aug 8 18:16:36 EEST 2022


On 8/8/2022 11:50 AM, Michael Niedermayer wrote:
> From: Michael Niedermayer <michael-git at niedermayer.cc>
> 
> Signed-off-by: Michael Niedermayer <michael-git at niedermayer.cc>
> ---
>   MAINTAINERS | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 7ed15f96f6..ed2ec0b90c 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -626,6 +626,7 @@ Leo Izen (thebombzen)         B6FD 3CFC 7ACF 83FC 9137 6945 5A71 C331 FD2F A19A
>   Loren Merritt                 ABD9 08F4 C920 3F65 D8BE 35D7 1540 DAA7 060F 56DE
>   Lynne                         FE50 139C 6805 72CA FD52 1F8D A2FE A5F0 3F03 4464
>   Michael Niedermayer           9FF2 128B 147E F673 0BAD F133 611E C787 040B 0FAB
> +                              DD1E C9E8 DE08 5C62 9B3E 1846 B18E 8928 B394 8D64

There is a "FFmpeg release signing key" key already, used for the 
tarballs, and which you obviously have access to. Can we not use it for 
the release tags too, instead of a new key to your name? It would 
probably require creating the git tags using the ffmpeg-devel at ffmpeg.org 
email.

This new key of yours could be used for your commits, but for the 
release tags, if possible better use the same key the relevant tarball 
will also use, IMO. It will simplify package managers that already fetch 
tarballs to also fetch git tags as fallback and not require the use of a 
different key for verification.

>   Nicolas George                24CE 01CE 9ACC 5CEB 74D8 8D9D B063 D997 36E5 4C93
>   Niklas Haas (haasn)           1DDB 8076 B14D 5B48 32FC 99D9 EB52 DA9C 02BA 6FB4
>   Nikolay Aleksandrov           8978 1D8C FB71 588E 4B27 EAA8 C4F0 B5FC E011 13B1


More information about the ffmpeg-devel mailing list